#include <tablemgr.h>

Classes | |
| struct | AddressRange |
| Represents an arbitrary address range. More... | |
| struct | RefGroupDescriptor |
| Contains information about a set of pointers to strings that can potentially be a GuestRPC mechanism handler table. More... | |
| struct | RPCHandlerRecord |
| Represents a GuestRPC mechanism handler entry used by VMWARE-VMX.EXE. More... | |
| struct | RPCTableInfo |
| Contains information about a GuestRPC mechanism handler table. More... | |
| struct | StringPointer |
| Represents a pointer to an ASCIIZ string with a cached size. More... | |
| struct | StringReferenceDescriptor |
| Represents a pointer to a string pointer. Used to locate the GuestRPC mechanism handler table with pointers to command names. More... | |
Public Member Functions | |
| RPCTableManager (HINSTANCE hThisDLL) | |
| bool | InstallHandler (const char *pszPrefix, size_t prefixLen, GRPCHANDLER pHandler, void *pContext, bool ForceReinstall) |
| void | RestoreOriginalHandler () |
| bool | IsEntryModified () |
Private Types | |
| enum | { VerifMaxStringLength = 100 } |
| typedef bool(* | GRPCHANDLER )(void *pContext, int ChannelNumber, char *pCommandBody, unsigned CommandBodyLength, char **ppReply, unsigned *pReplyLen) |
Private Member Functions | |
| bool | FindHandlerTable (bool FullMode=false) |
| Tries to load handler table information from PatchInfoDatabase, and, if not found, scans for it. | |
| void | DoPatch (RPCHandlerRecord *pEntry, const char *pszPrefix, size_t prefixLen, GRPCHANDLER pHandler, void *pContext) |
Static Private Member Functions | |
| static bool | PtrInRange (const std::list< AddressRange > &list, void *ptr) |
| static bool | islen (const char *pStr, size_t expected) |
| Returns whether pStr points to an ASCIIZ string whose length is exactly expected bytes. | |
| static bool | VerifyEntry (RPCHandlerRecord *pRec, std::list< AddressRange > &dataRanges, std::list< AddressRange > &codeRanges) |
| Returns whether a potential GuestRPC mechanism handler entry is correct and contains no inconsistencies. | |
| static void | FindSections (char *lpMainExe, std::list< AddressRange > &dataRanges, std::list< AddressRange > &codeRanges) |
| static void | MakeListOfStrings (const std::list< AddressRange > &dataRanges, BazisLib::SingleMallocVector< StringPointer > &strings, bool FullMode) |
| static void | FindStringRefs (const std::list< AddressRange > &dataRanges, const BazisLib::SingleMallocVector< StringPointer > &strings, BazisLib::SingleMallocVector< StringReferenceDescriptor > &stringRefs) |
| static void | GroupStringRefs (BazisLib::SingleMallocVector< StringReferenceDescriptor > &stringRefs, BazisLib::SingleMallocVector< RefGroupDescriptor > &groups) |
| static bool | ScanPotentialRPCTable (void *pAddr, std::list< AddressRange > &dataRanges, std::list< AddressRange > &codeRanges, RPCTableInfo &info) |
Private Attributes | |
| PatchInfoDatabase | m_Database |
| PatchingParams | m_Params |
| RPCHandlerRecord | m_OriginalHandler |
| RPCHandlerRecord | m_PatchedEntryCopy |
| RPCHandlerRecord * | m_pPatchedEntry |
The VMware main process (vmware-vmx.exe) contains a table of RPC dispatchers. RPCTableManager finds this table by building a list of all strings in the original EXE module and then finding a structure that contains links to the matching strings.
typedef bool(* RPCTableManager::GRPCHANDLER)(void *pContext, int ChannelNumber, char *pCommandBody, unsigned CommandBodyLength, char **ppReply, unsigned *pReplyLen) [private] |
| RPCTableManager::RPCTableManager | ( | HINSTANCE | hThisDLL | ) |
| void RPCTableManager::DoPatch | ( | RPCHandlerRecord * | pEntry, | |
| const char * | pszPrefix, | |||
| size_t | prefixLen, | |||
| GRPCHANDLER | pHandler, | |||
| void * | pContext | |||
| ) | [inline, private] |
| bool RPCTableManager::FindHandlerTable | ( | bool | FullMode = false |
) | [private] |
Tries to load handler table information from PatchInfoDatabase, and, if not found, scans for it.

| void RPCTableManager::FindSections | ( | char * | lpMainExe, | |
| std::list< AddressRange > & | dataRanges, | |||
| std::list< AddressRange > & | codeRanges | |||
| ) | [static, private] |

| void RPCTableManager::FindStringRefs | ( | const std::list< AddressRange > & | dataRanges, | |
| const BazisLib::SingleMallocVector< StringPointer > & | strings, | |||
| BazisLib::SingleMallocVector< StringReferenceDescriptor > & | stringRefs | |||
| ) | [static, private] |

| void RPCTableManager::GroupStringRefs | ( | BazisLib::SingleMallocVector< StringReferenceDescriptor > & | stringRefs, | |
| BazisLib::SingleMallocVector< RefGroupDescriptor > & | groups | |||
| ) | [static, private] |

| bool RPCTableManager::InstallHandler | ( | const char * | pszPrefix, | |
| size_t | prefixLen, | |||
| RPCTableManager::GRPCHANDLER | pHandler, | |||
| void * | pContext, | |||
| bool | ForceReinstall | |||
| ) |

| bool RPCTableManager::IsEntryModified | ( | ) | [inline] |
| static bool RPCTableManager::islen | ( | const char * | pStr, | |
| size_t | expected | |||
| ) | [inline, static, private] |
Returns whether pStr points to an ASCIIZ string whose length is exactly expected bytes.
| void RPCTableManager::MakeListOfStrings | ( | const std::list< AddressRange > & | dataRanges, | |
| BazisLib::SingleMallocVector< StringPointer > & | strings, | |||
| bool | FullMode | |||
| ) | [static, private] |

| static bool RPCTableManager::PtrInRange | ( | const std::list< AddressRange > & | list, | |
| void * | ptr | |||
| ) | [inline, static, private] |
| void RPCTableManager::RestoreOriginalHandler | ( | ) |
| bool RPCTableManager::ScanPotentialRPCTable | ( | void * | pAddr, | |
| std::list< AddressRange > & | dataRanges, | |||
| std::list< AddressRange > & | codeRanges, | |||
| RPCTableInfo & | info | |||
| ) | [static, private] |

| static bool RPCTableManager::VerifyEntry | ( | RPCHandlerRecord * | pRec, | |
| std::list< AddressRange > & | dataRanges, | |||
| std::list< AddressRange > & | codeRanges | |||
| ) | [inline, static, private] |
Returns whether a potential GuestRPC mechanism handler entry is correct and contains no inconsistencies.

PatchInfoDatabase RPCTableManager::m_Database [private] |
PatchingParams RPCTableManager::m_Params [private] |
RPCHandlerRecord* RPCTableManager::m_pPatchedEntry [private] |